Medical Device Cybersecurity Intelligence

Real-time alerts from FDA Safety Communications, CISA Known Exploited Vulnerabilities, and NIST NVD — filtered for life-critical medical devices. Data is polled every 30 minutes from all three sources. The dashboard auto-refreshes every 10 minutes. Life-critical device alerts are highlighted in red.

62 Critical
289 High
39 Medium
390 Total

Last updated: 2026-07-16 13:38 UTC

CRITICAL ⚕ LIFE CRITICAL NVD CVSS 9.8

CVE-2024-12248 — Patient Monitor Vulnerability

patient monitor

Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution.

CRITICAL ⚕ LIFE CRITICAL NVD CVSS 9.3

CVE-2024-9832 — Ventilator Vulnerability

ventilator

There is no limit on the number of failed login attempts permitted with the Clinician Password or the Serial Number Clinician Password. An attacker could execute a brute-force attack to gain unauthorized access to the ventilator, and then make changes to device settings that coul…

CRITICAL ⚕ LIFE CRITICAL NVD CVSS 9.3

CVE-2024-9834 — Ventilator Vulnerability

ventilator

Improper data protection on the ventilator's serial interface could allow an attacker to send and receive messages that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.

CRITICAL ⚕ LIFE CRITICAL NVD CVSS 10.0

CVE-2024-48966 — Ventilator Vulnerability

ventilator

The software tools used by service personnel to test & calibrate the ventilator do not support user authentication. An attacker with access to the Service PC where the tools are installed could obtain diagnostic information through the test tool or manipulate the ventilator's set…

CRITICAL ⚕ LIFE CRITICAL NVD CVSS 10.0

CVE-2024-48967 — Ventilator Vulnerability

ventilator

The ventilator and the Service PC lack sufficient audit logging capabilities to allow for detection of malicious activity and subsequent forensic examination. An attacker with access to the ventilator and/or the Service PC could, without detection, make unauthorized changes to ve…

CRITICAL ⚕ LIFE CRITICAL NVD CVSS 9.3

CVE-2024-48970 — Ventilator Vulnerability

ventilator

The ventilator's microcontroller lacks memory protection. An attacker could connect to the internal JTAG interface and read or write to flash memory using an off-the-shelf debugging tool, which could disrupt the function of the device and/or cause unauthorized information disclos…

CRITICAL ⚕ LIFE CRITICAL NVD CVSS 9.3

CVE-2024-48971 — Ventilator Vulnerability

ventilator

The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in plaintext form. This could allow an attacker to obtain the password off the ventilator and use it to gain unauthorized access to the device, with clinician privileges.

CRITICAL ⚕ LIFE CRITICAL NVD CVSS 9.3

CVE-2024-48973 — Ventilator Vulnerability

ventilator

The debug port on the ventilator's serial interface is enabled by default. This could allow an attacker to send and receive messages over the debug port (which are unencrypted; see 3.2.1) that result in unauthorized disclosure of information and/or have unintended impacts on devi…

CRITICAL ⚕ LIFE CRITICAL NVD CVSS 9.3

CVE-2024-48974 — Ventilator Vulnerability

ventilator

The ventilator does not perform proper file integrity checks when adopting firmware updates. This makes it possible for an attacker to force unauthorized changes to the device's configuration settings and/or compromise device functionality by pushing a compromised/illegitimate fi…

CRITICAL ⚕ LIFE CRITICAL NVD CVSS 9.8

CVE-2022-33321 — Ventilator Vulnerability

ventilator

Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products (PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Conditioning, Induction hob, Mi…

CRITICAL CISA-KEV

Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.

CRITICAL CISA-KEV

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.

CRITICAL NVD CVSS 9.3

CVE-2026-34361 — Hl7 Fhir Vulnerability

HL7 FHIR

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined w…

CRITICAL CISA-KEV

Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability

Ivanti Endpoint Manager (EPM)

Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credential data.

CRITICAL CISA-KEV

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.

CRITICAL CISA-KEV

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Valida…

CRITICAL CISA-KEV

Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

Ivanti Endpoint Manager Mobile (EPMM) contains an authentication bypass vulnerability in the API component that allows an attacker to access protected resources without proper credentials via crafted API requests. This vulnerability results from an insecure implementation of the …

CRITICAL CISA-KEV

Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

Ivanti Connect Secure, Policy Secure, and ZTA Gateways

Ivanti Connect Secure, Policy Secure, and ZTA Gateways contains a stack-based buffer overflow vulnerability that allows a remote unauthenticated attacker to achieve remote code execution.

CRITICAL CISA-KEV

Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Ivanti Endpoint Manager (EPM)

Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.

CRITICAL CISA-KEV

Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Ivanti Endpoint Manager (EPM)

Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.

CRITICAL CISA-KEV

Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability

Ivanti Endpoint Manager (EPM)

Ivanti Endpoint Manager (EPM) contains an absolute path traversal vulnerability that allows a remote unauthenticated attacker to leak sensitive information.

CRITICAL CISA-KEV

Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability

Ivanti Connect Secure, Policy Secure, and ZTA Gateways

Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.

CRITICAL CISA-KEV

Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability

Ivanti Cloud Services Appliance (CSA)

Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.

CRITICAL CISA-KEV

Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability

Ivanti Cloud Services Appliance (CSA)

Ivanti Cloud Services Appliance (CSA) contains a SQL injection vulnerability in the admin web console in versions prior to 5.0.2, which can allow a remote attacker authenticated as administrator to run arbitrary SQL statements.

CRITICAL CISA-KEV

Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability

Ivanti Endpoint Manager (EPM)

Ivanti Endpoint Manager (EPM) contains a SQL injection vulnerability in Core server that allows an unauthenticated attacker within the same network to execute arbitrary code.

CRITICAL CISA-KEV

Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability

Ivanti Virtual Traffic Manager

Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account.

CRITICAL CISA-KEV

Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability

Ivanti Cloud Services Appliance (CSA)

Ivanti Cloud Services Appliance (CSA) contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and exec…

CRITICAL CISA-KEV

Ivanti Cloud Services Appliance OS Command Injection Vulnerability

Ivanti Cloud Services Appliance

Ivanti Cloud Services Appliance (CSA) contains an OS command injection vulnerability in the administrative console which can allow an authenticated attacker with application admin privileges to pass commands to the underlying OS.

CRITICAL CISA-KEV

NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability

NextGen Healthcare Mirth Connect

NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthenticated remote code execution via a specially crafted request.

CRITICAL CISA-KEV

Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability

Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA)

Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) contains a code injection vulnerability that allows an unauthenticated user to execute malicious code with limited permissions (nobody).

CRITICAL CISA-KEV

Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability

Ivanti Connect Secure, Policy Secure, and Neurons

Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) vulnerability in the SAML component that allows an attacker to access certain restricted resources without authentication.

CRITICAL CISA-KEV

Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core

Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core contain an authentication bypass vulnerability that allows unauthorized users to access restricted functionality or resources of the application.

CRITICAL CISA-KEV

Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability

Ivanti Connect Secure and Policy Secure

Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways contain an authentication bypass vulnerability in the web component that allows an attacker to access restricted resources by bypassing control checks. This vulnerability can be …

CRITICAL CISA-KEV

Ivanti Connect Secure and Policy Secure Command Injection Vulnerability

Ivanti Connect Secure and Policy Secure

Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web components of these products, which can allow an authenticated administrator to send crafted requests to execute code on affected appl…

CRITICAL CISA-KEV

Ivanti Sentry Authentication Bypass Vulnerability

Ivanti Sentry

Ivanti Sentry, formerly known as MobileIron Sentry, contains an authentication bypass vulnerability that may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.

CRITICAL CISA-KEV

Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

Ivanti Endpoint Manager Mobile (EPMM) contains a path traversal vulnerability that enables an authenticated administrator to perform malicious file writes to the EPMM server. This vulnerability can be used in conjunction with CVE-2023-35078 to bypass authentication and ACLs restr…

CRITICAL CISA-KEV

Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability

Ivanti Endpoint Manager Mobile (EPMM)

Ivanti Endpoint Manager Mobile (EPMM, previously branded MobileIron Core) contains an authentication bypass vulnerability that allows unauthenticated access to specific API paths. An attacker with access to these API paths can access personally identifiable information (PII) such…

CRITICAL CISA-KEV

Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability

Siemens SIMATIC CP

An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.

CRITICAL CISA-KEV

Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability

Ivanti MobileIron Multiple Products

Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database (RDB) products contain an unspecified vulnerability that allows for remote code execution.

CRITICAL CISA-KEV

Ivanti Pulse Connect Secure Use-After-Free Vulnerability

Ivanti Pulse Connect Secure

Ivanti Pulse Connect Secure contains a use-after-free vulnerability that allow a remote, unauthenticated attacker to execute code via license services.

CRITICAL CISA-KEV

Ivanti Pulse Connect Secure Code Execution Vulnerability

Ivanti Pulse Connect Secure

Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution.

CRITICAL CISA-KEV

Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability

Ivanti Pulse Connect Secure

Ivanti Pulse Connect Secure contains an unrestricted file upload vulnerability that allows an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface.

CRITICAL CISA-KEV

Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability

Ivanti Pulse Connect Secure

Ivanti Pulse Connect Secure Collaboration Suite contains a buffer overflow vulnerabilities that allows a remote authenticated users to execute code as the root user via maliciously crafted meeting room.

CRITICAL CISA-KEV

Ivanti Pulse Connect Secure Code Execution Vulnerability

Ivanti Pulse Connect Secure

Pulse Connect Secure contains an unspecified vulnerability that allows an authenticated attacker to perform code execution using uncontrolled gzip extraction.

CRITICAL CISA-KEV

Ivanti Pulse Connect Secure Command Injection Vulnerability

Ivanti Pulse Connect Secure

Ivanti Pulse Connect Secure contains a command injection vulnerability that allows remote authenticated users to perform remote code execution via Windows File Resource Profiles.

CRITICAL CISA-KEV

Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability

Ivanti Pulse Connect Secure

Ivanti Pulse Connect Secure contains an arbitrary file read vulnerability that allows an unauthenticated remote attacker with network access via HTTPS to send a specially crafted URI.

CRITICAL CISA-KEV

Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability

Ivanti Pulse Connect Secure and Pulse Policy Secure

Ivanti Pulse Connect Secure and Policy Secure allows an authenticated attacker from the admin web interface to inject and execute commands.

CRITICAL NVD CVSS 9.8

CVE-2021-27410 — Medical Device Vulnerability

medical device

The affected product is vulnerable to an out-of-bounds write, which may result in corruption of data or code execution on the Welch Allyn medical device management tools (Welch Allyn Service Tool: versions prior to v1.10, Welch Allyn Connex Device Integration Suite – Network Conn…

HIGH ⚕ LIFE CRITICAL NVD CVSS 8.6

CVE-2026-10649 — Pacemaker Vulnerability

pacemaker

A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, le…

HIGH ⚕ LIFE CRITICAL FDA

Merit Medical Systems, Inc. — CentrosFLO Hemodialysis Catheters, REF: CENFP15K/A, CENFP15K/B, CENFP17K/A, CENFP19K/A, CENFP23K/A,

Merit Medical Systems, Inc. CentrosFLO Hemodialysis Catheters, REF: CENFP15K/A, CENFP15K/B, CENFP17K/A, CENFP19K/A, CENFP23K/A, CENFP27K/A, CENFP31K/A, CENFT15K, CENFT15K/D, CENFT17K, CENFT17K/A, CENFT17K/D, CENFT19K, CENFT19K/A

16F dual-valved splittable sheath introducer due to a design defect, may not split as intended, which may result in hemorrhage, foreign bodies, procedure delay, embolization/thrombosis, impaired catheter function, loss of vessel for future vascular access.

HIGH ⚕ LIFE CRITICAL FDA

Merit Medical Systems, Inc. — ProGuide Chronic Dialysis Catheters, REF: DC01455550/C, DC21452419/C, DC21452419-NE5/C, DC21452823-N

Merit Medical Systems, Inc. ProGuide Chronic Dialysis Catheters, REF: DC01455550/C, DC21452419/C, DC21452419-NE5/C, DC21452823-NE5/C, DC21454035/C, DC21455550/C

16F dual-valved splittable sheath introducer due to a design defect, may not split as intended, which may result in hemorrhage, foreign bodies, procedure delay, embolization/thrombosis, impaired catheter function, loss of vessel for future vascular access.

HIGH ⚕ LIFE CRITICAL FDA

Merit Medical Systems, Inc. — DuraMax Chronic Hemodialysis Catheter, REF: H787103028015/A, H787103028025/A, H787103028031/A, H7871

Merit Medical Systems, Inc. DuraMax Chronic Hemodialysis Catheter, REF: H787103028015/A, H787103028025/A, H787103028031/A, H787103028035/A, H787103028041/A, H787103028045/A, H787103028051/A, H787103028055/A, H787103028061/A, H78

16F dual-valved splittable sheath introducer due to a design defect, may not split as intended, which may result in hemorrhage, foreign bodies, procedure delay, embolization/thrombosis, impaired catheter function, loss of vessel for future vascular access.

HIGH ⚕ LIFE CRITICAL FDA

ICU Medical, Inc. — Tego Connector: REF: 011-D1000, 01C-D1000, 055-D1000, D1000; Conector Tego: REF: LAT-D1000

ICU Medical, Inc. Tego Connector: REF: 011-D1000, 01C-D1000, 055-D1000, D1000; Conector Tego: REF: LAT-D1000

Needle free access device intended as accessory to vascular access used in hemodialysis or accessory to intravascular administration sets has a silicone seal which may bulge at the top, separate from the body, tear; may result in fluid leaks, occluded fluid flow, inability to inj…

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM50, iM60, iM70, iM80 Product

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM50, iM60, iM70, iM80 Product Description: The iM series Patient Monitor including iM50, iM60, iM70 and iM80 can perform long-time

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: elite V5, elite V6, elite V8 Pr

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: elite V5, elite V6, elite V8 Product Description: V series Patient Monitor including elite V5, elite V6 and elite V8 which can perf

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM20 Product Description: The i

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM20 Product Description: The iM20 Patient Monitor System (hereinafter called iM20) can perform long-time continuous monitoring of

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: X8, X10, X12 Product Descriptio

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: X8, X10, X12 Product Description: The X8 X10 X12 Patient Monitor (hereinafter called X series) can perform long-time continuous mon

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iX10, iX12, iX15 Product Descri

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iX10, iX12, iX15 Product Description: The iX series Patient Monitors including iX10, iX12, iX15 can perform long-time continuous mo

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3B Product Description: M3

Edan Diagnostics Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3B Product Description: M3B Vital Signs Monitor is a patient monitoring device providing the patient with a continuous vital p

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM8, iM8A, iM8B Product Descrip

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM8, iM8A, iM8B Product Description: iM8 Series Patient Monitor can perform long-time continuous monitoring of multiple physiologic

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM50, iM60, iM70, iM80 Produ

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM50, iM60, iM70, iM80 Product Description: The iM series Patient Monitor including iM50, iM60, iM70 and iM80 can perform long-t

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: elite V5, elite V6, elite V8

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: elite V5, elite V6, elite V8 Product Description: V series Patient Monitor including elite V5, elite V6 and elite V8 which can p

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM20 Product Description: Th

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM20 Product Description: The iM20 Patient Monitor System (hereinafter called iM20) can perform long-time continuous monitoring

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: X8, X10, X12 Product Descrip

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: X8, X10, X12 Product Description: The X8 X10 X12 Patient Monitor (hereinafter called X series) can perform long-time continuous

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iX10, iX12, iX15 Product Des

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iX10, iX12, iX15 Product Description: The iX series Patient Monitors including iX10, iX12, iX15 can perform long-time continuous

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3B Product Description:

Edan Diagnostics Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3B Product Description: M3B Vital Signs Monitor is a patient monitoring device providing the patient with a continuous vita

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM8, iM8A, iM8B Product Desc

Edan Diagnostics Brand Name: EDAN Product Name: Patient Monitor Model/Catalog Number: iM8, iM8A, iM8B Product Description: iM8 Series Patient Monitor can perform long-time continuous monitoring of multiple physiolo

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH ⚕ LIFE CRITICAL FDA

Fresenius Medical Care Holdings, Inc. — Blood Pressure Module BPM3 TM-2917B (Spare Part Numbers 191378 or 191389) with firmware version S005

Fresenius Medical Care Holdings, Inc. Blood Pressure Module BPM3 TM-2917B (Spare Part Numbers 191378 or 191389) with firmware version S005 installed in 2008 Series Hemodialysis Machines with Part Numbers 190573, 190713, 190766, 190858, 19

Machines equipped with BPM3 Blood Pressure Modules (Blood pressure monitor TM-2917B with firmware version S005) will not record Blood Pressure measurements and does not alarm if the cuff tubing is kinked close to the cuff.

HIGH ⚕ LIFE CRITICAL FDA

Getinge Usa Sales Inc — Flow-c Anesthesia System, model 6887700

Getinge Usa Sales Inc Flow-c Anesthesia System, model 6887700

Potential cybersecurity vulnerability that could lead to a Denial of Service (DoS) attack, tampering, or remote code execution via remote login to the Flow Anesthesia System, any of which could lead to a hazardous situation.

HIGH ⚕ LIFE CRITICAL FDA

Getinge Usa Sales Inc — Flow-e Anesthesia System, model 6887900

Getinge Usa Sales Inc Flow-e Anesthesia System, model 6887900

Potential cybersecurity vulnerability that could lead to a Denial of Service (DoS) attack, tampering, or remote code execution via remote login to the Flow Anesthesia System, any of which could lead to a hazardous situation.

HIGH ⚕ LIFE CRITICAL FDA

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland — Input Output Module (IOM) FLX-201-Laboratory Automation system Brand names of the same product: Fle

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland Input Output Module (IOM) FLX-201-Laboratory Automation system Brand names of the same product: FlexLab (FLX), Accelerator a3600 (ACP), Aptio Automation (AP2) Part Numbers: FLX-201-00, APT-201-00,

Firmware versions have the potential to mis-associate sample IDs leading to incorrect results or delayed sodium, potassium, and chloride patient results. Falsely increased or decreased electrolytes can lead to either inappropriate treatment of normal results, or failure to treat …

HIGH ⚕ LIFE CRITICAL FDA

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland — Storage and Retrieval Module (SRM)-Laboratory Automation system Brand names of the same product: Fl

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland Storage and Retrieval Module (SRM)-Laboratory Automation system Brand names of the same product: FlexLab (FLX), Accelerator a3600 (ACP), Aptio Automation (AP2) Part Numbers: ACP-207-00, ACP-207-01,

Firmware versions have the potential to mis-associate sample IDs leading to incorrect results or delayed sodium, potassium, and chloride patient results. Falsely increased or decreased electrolytes can lead to either inappropriate treatment of normal results, or failure to treat …

HIGH ⚕ LIFE CRITICAL FDA

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland — PVT Interface Module (PVT)-Laboratory Automation system Brand names of the same product: FlexLab (F

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland PVT Interface Module (PVT)-Laboratory Automation system Brand names of the same product: FlexLab (FLX), Accelerator a3600 (ACP), Aptio Automation (AP2) Part Numbers: 72747000.A

Firmware versions have the potential to mis-associate sample IDs leading to incorrect results or delayed sodium, potassium, and chloride patient results. Falsely increased or decreased electrolytes can lead to either inappropriate treatment of normal results, or failure to treat …

HIGH ⚕ LIFE CRITICAL FDA

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland — Vesmatic Cube 80 Interface Module (VMC)-Laboratory Automation system Brand names of the same produc

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland Vesmatic Cube 80 Interface Module (VMC)-Laboratory Automation system Brand names of the same product: FlexLab (FLX), Accelerator a3600 (ACP), Aptio Automation (AP2) Part Numbers: 72747000.A

Firmware versions have the potential to mis-associate sample IDs leading to incorrect results or delayed sodium, potassium, and chloride patient results. Falsely increased or decreased electrolytes can lead to either inappropriate treatment of normal results, or failure to treat …

HIGH ⚕ LIFE CRITICAL FDA

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland — Alinity h Interface Module (HSQ)-Laboratory Automation system Brand names of the same product: Flex

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland Alinity h Interface Module (HSQ)-Laboratory Automation system Brand names of the same product: FlexLab (FLX), Accelerator a3600 (ACP), Aptio Automation (AP2) Part Numbers: FLX-274-20

Firmware versions have the potential to mis-associate sample IDs leading to incorrect results or delayed sodium, potassium, and chloride patient results. Falsely increased or decreased electrolytes can lead to either inappropriate treatment of normal results, or failure to treat …

HIGH ⚕ LIFE CRITICAL FDA

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland — Input Output Module (IOM) FLX-201-Laboratory Automation system Brand names of the same product: F

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland Input Output Module (IOM) FLX-201-Laboratory Automation system Brand names of the same product: FlexLab (FLX), Accelerator a3600 (ACP), Aptio Automation (AP2) Part Numbers: FLX-201-00, APT-2

Firmware versions have the potential to mis-associate sample IDs leading to incorrect results or delayed sodium, potassium, and chloride patient results. Falsely increased or decreased electrolytes can lead to either inappropriate treatment of normal results, or failure to treat …

HIGH ⚕ LIFE CRITICAL FDA

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland — Storage and Retrieval Module (SRM)-Laboratory Automation system Brand names of the same product:

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland Storage and Retrieval Module (SRM)-Laboratory Automation system Brand names of the same product: FlexLab (FLX), Accelerator a3600 (ACP), Aptio Automation (AP2) Part Numbers: ACP-207-00, ACP-2

Firmware versions have the potential to mis-associate sample IDs leading to incorrect results or delayed sodium, potassium, and chloride patient results. Falsely increased or decreased electrolytes can lead to either inappropriate treatment of normal results, or failure to treat …

HIGH ⚕ LIFE CRITICAL FDA

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland — PVT Interface Module (PVT)-Laboratory Automation system Brand names of the same product: FlexLab

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland PVT Interface Module (PVT)-Laboratory Automation system Brand names of the same product: FlexLab (FLX), Accelerator a3600 (ACP), Aptio Automation (AP2) Part Numbers: 72747000.A

Firmware versions have the potential to mis-associate sample IDs leading to incorrect results or delayed sodium, potassium, and chloride patient results. Falsely increased or decreased electrolytes can lead to either inappropriate treatment of normal results, or failure to treat …

HIGH ⚕ LIFE CRITICAL FDA

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland — Vesmatic Cube 80 Interface Module (VMC)-Laboratory Automation system Brand names of the same prod

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland Vesmatic Cube 80 Interface Module (VMC)-Laboratory Automation system Brand names of the same product: FlexLab (FLX), Accelerator a3600 (ACP), Aptio Automation (AP2) Part Numbers: 72747000.A

Firmware versions have the potential to mis-associate sample IDs leading to incorrect results or delayed sodium, potassium, and chloride patient results. Falsely increased or decreased electrolytes can lead to either inappropriate treatment of normal results, or failure to treat …

HIGH ⚕ LIFE CRITICAL FDA

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland — Alinity h Interface Module (HSQ)-Laboratory Automation system Brand names of the same product: Fl

Inpeco S.A. Via San Gottardo 10 Lugano Switzerland Alinity h Interface Module (HSQ)-Laboratory Automation system Brand names of the same product: FlexLab (FLX), Accelerator a3600 (ACP), Aptio Automation (AP2) Part Numbers: FLX-274-20

Firmware versions have the potential to mis-associate sample IDs leading to incorrect results or delayed sodium, potassium, and chloride patient results. Falsely increased or decreased electrolytes can lead to either inappropriate treatment of normal results, or failure to treat …

HIGH ⚕ LIFE CRITICAL FDA

CareFusion 303, Inc. — BD Pyxis Anesthesia ES System (PAS ES), REF: 327; BP Pyxis MedStation ES (Med ES Main), REF: 323; BD

CareFusion 303, Inc. BD Pyxis Anesthesia ES System (PAS ES), REF: 327; BP Pyxis MedStation ES (Med ES Main), REF: 323; BD Pyxis MedStation ES Tower (Med ES Tower), REF: 352; all with BD Pyxis ES version 1.6.1 drawer firmw

Automated dispensing cabinet drawer firmware may have inadvertently been downgraded to an earlier version of drawer firmware during new device installations or device replacement upgrades, which may lead to an increased frequency of drawer failures, which could increase the likel…

HIGH ⚕ LIFE CRITICAL FDA

Philips Healthcare (Suzhou) Co., Ltd. Suzhou Industrial Park No. — Incisive CT, model 728143 & 728144 running Software Version 5.0.0.

Philips Healthcare (Suzhou) Co., Ltd. Suzhou Industrial Park No. Incisive CT, model 728143 & 728144 running Software Version 5.0.0.

Multiple software issues which have the potential to lead to misdiagnosis due to image artifacts or incorrect image orientation labels, or the need for a CT rescan. These include: 1. Artifacts may occur on perfusion images, 2. Orientation label reversed in 2D images, 3. Auto vo…

HIGH ⚕ LIFE CRITICAL FDA

Medtronic MiniMed — Insulin Pump/Model: MiniMed 630G/ MMT-1715, MMT-1755, MMT-1754; MiniMed 670G/ MMT-1780, MMT-1781, M

Medtronic MiniMed Insulin Pump/Model: MiniMed 630G/ MMT-1715, MMT-1755, MMT-1754; MiniMed 670G/ MMT-1780, MMT-1781, MMT-1782, MMT-1760, MMT-1761, MMT-1762, MMT-1740, MMT-1741, MMT-1742

Medtronic identified a cybersecurity vulnerability in the MiniMed 600 series Insulin Pump Systems associated with the communication protocol that could allow unauthorized access to the pump system. This unauthorized access could be used to deliver too much or too little insulin t…

HIGH ⚕ LIFE CRITICAL FDA

Medtronic MiniMed — Insulin Pump/Model: MiniMed 620G/ MMT-1750 MiniMed 640G/ MMT-1711, MMT-1712, MMT-1751, MMT-1752

Medtronic MiniMed Insulin Pump/Model: MiniMed 620G/ MMT-1750 MiniMed 640G/ MMT-1711, MMT-1712, MMT-1751, MMT-1752

Medtronic identified a cybersecurity vulnerability in the MiniMed 600 series Insulin Pump Systems associated with the communication protocol that could allow unauthorized access to the pump system. This unauthorized access could be used to deliver too much or too little insulin t…

HIGH ⚕ LIFE CRITICAL NVD CVSS 8.8

CVE-2022-1049 — Pacemaker Vulnerability

pacemaker

A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

HIGH ⚕ LIFE CRITICAL NVD CVSS 7.3

CVE-2020-10627 — Insulin Pump Vulnerability

insulin pump

Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to communicate using a wireless RF with an Insulet manufactured Personal Diabetes Manager device. This wireless RF communication protocol does not properly implement authentication or au…

HIGH ⚕ LIFE CRITICAL NVD CVSS 8.8

CVE-2021-27489 — Defibrillator Vulnerability

defibrillator

ZOLL Defibrillator Dashboard, v prior to 2.2, The web application allows a non-administrative user to upload a malicious file. This file could allow an attacker to remotely execute arbitrary commands.

HIGH ⚕ LIFE CRITICAL NVD CVSS 7.8

CVE-2021-27483 — Defibrillator Vulnerability

defibrillator

ZOLL Defibrillator Dashboard, v prior to 2.2,The affected products contain insecure filesystem permissions that could allow a lower privilege user to escalate privileges to an administrative level user.

HIGH ⚕ LIFE CRITICAL NVD CVSS 7.5

CVE-2021-27485 — Defibrillator Vulnerability

defibrillator

ZOLL Defibrillator Dashboard, v prior to 2.2,The application allows users to store their passwords in a recoverable format, which could allow an attacker to retrieve the credentials from the web browser.

HIGH ⚕ LIFE CRITICAL NVD CVSS 8.8

CVE-2020-27264 — Insulin Pump Vulnerability

insulin pump

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proximate attackers to brute-force the keys vi…

HIGH ⚕ LIFE CRITICAL NVD CVSS 7.2

CVE-2020-25654 — Pacemaker Vulnerability

pacemaker

An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the confi…

HIGH NVD CVSS 7.5

CVE-2026-55470 — Hl7 Fhir Vulnerability

HL7 FHIR

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.10, the fix for CVE-2026-45367 incompletely patched the DSTU2 module, leaving FHIRPathEngine.matches() in org.hl7.fhir.dstu2/utils/FHIRPathEngine.java to call raw…

HIGH FDA

CMR SURGICAL LIMITED 1 Evolution Business Park Milton Road; Cam Cambridge United Kingdom — Brand Name: Versius Surgical System US Product Name: Vesius Surgeon Console US Model/Catalog Numbe

CMR SURGICAL LIMITED 1 Evolution Business Park Milton Road; Cam Cambridge United Kingdom Brand Name: Versius Surgical System US Product Name: Vesius Surgeon Console US Model/Catalog Number: V-SS-1020 Software Version: Pratchett 1 version 62.1 Product Description: The Versius Surgical

Secure Boot was mistakenly not enabled at manufacturing time, which presents a potential cybersecurity risk.

HIGH FDA

— SD LTM 64 PLUS, EEG Amplifier/recorder, Model/Catalog Number: SD LTM 64 PLUS, Software Version: firm

SD LTM 64 PLUS, EEG Amplifier/recorder, Model/Catalog Number: SD LTM 64 PLUS, Software Version: firmware 2021.02, 2022.01 or 2022.02

Natus has become aware of two complaints related to the SD LTM 64 PLUS where the EEG traces acquired from two or four different amplifiers used in a multiple amplifier configuration (128 or 256 channels) running firmware version 2022.02 were displayed with a shift of 1 second bet…

HIGH FDA

Fresh Roast Systems Inc — Fresh Roast Systems ColorTrack. Model Name: ColorTrack. Model Number: BENCH R-100

Fresh Roast Systems Inc Fresh Roast Systems ColorTrack. Model Name: ColorTrack. Model Number: BENCH R-100

A defect has been identified in the manufacture of the Fresh Roast Systems ColorTrack instrument model number BENCH R-100 which could under very rare specific misuse circumstances potentially allow human access to infrared laser light levels in excess of the safety Classification…

HIGH FDA

Fresh Roast Systems Inc — Fresh Roast Systems ColorTrack. Model Name: ColorTrack. Model Number: BENCH R-100

Fresh Roast Systems Inc Fresh Roast Systems ColorTrack. Model Name: ColorTrack. Model Number: BENCH R-100

A defect has been identified in the manufacture of the Fresh Roast Systems ColorTrack instrument model number BENCH R-100 which could under very rare specific misuse circumstances potentially allow human access to infrared laser light levels in excess of the safety Classification…

HIGH NVD CVSS 7.4

CVE-2026-34359 — Hl7 Fhir Vulnerability

HL7 FHIR

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, ManagedWebAccessUtils.getServer() uses String.startsWith() to match request URLs against configured server URLs for authentication credential dispatch.…

HIGH FDA

GE Medical Systems, LLC — Revolution Ascend, computed tomography, Model Numbers 6969000-100 and 6969000-300

GE Medical Systems, LLC Revolution Ascend, computed tomography, Model Numbers 6969000-100 and 6969000-300

GE HealthCare has become aware of a potential security vulnerability impacting AW Server deployed via Edison Health Link (EHL) based CT Smart Subscription used in conjunction with certain Revolution Apex, Revolution Ascend, and Revolution CT systems.

HIGH NVD CVSS 7.5

CVE-2026-33180 — Hl7 Fhir Vulnerability

HL7 FHIR

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.0, when setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirec…

HIGH FDA

Beckman Coulter, Inc. — Access Total T4 Calibrator, Catalog No. 33805

Beckman Coulter, Inc. Access Total T4 Calibrator, Catalog No. 33805

Beckman Coulter has identified that Access Total T4 Calibrator lots (PN 33805) exhibit a negative bias on DxI 600/800 instruments, with slopes outside product specifications. A false low patient result could cause a patient to undergo unnecessary additional diagnostic testing. A …

HIGH NVD CVSS 8.1

CVE-2025-67752 — Electronic Health Record Vulnerability

electronic health record

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper (`oeHttp`/`oeHttpRequest`) disables SSL/TLS certificate verification by default (`verify: false`), making all external HT…

HIGH NVD CVSS 8.7

CVE-2025-69231 — Electronic Health Record Vulnerability

electronic health record

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicio…

HIGH FDA

Merit Medical Systems, Inc. — 16F Dual Valved Splittable Sheath Introducer (bulk, non-sterile), REF: FCL-174-00/B

Merit Medical Systems, Inc. 16F Dual Valved Splittable Sheath Introducer (bulk, non-sterile), REF: FCL-174-00/B

16F dual-valved splittable sheath introducer due to a design defect, may not split as intended, which may result in hemorrhage, foreign bodies, procedure delay, embolization/thrombosis, impaired catheter function, loss of vessel for future vascular access.

HIGH FDA

Merit Medical Systems, Inc. — BioFlo DuraMax Catheter, REF: H965103028011/A, H965103028021/A, H965103028021/EU, H965103028031/A, H

Merit Medical Systems, Inc. BioFlo DuraMax Catheter, REF: H965103028011/A, H965103028021/A, H965103028021/EU, H965103028031/A, H965103028031/EU, H965103028041/A, H965103028041/EU, H965103028051/A, H965103028051/EU, H965103028061

16F dual-valved splittable sheath introducer due to a design defect, may not split as intended, which may result in hemorrhage, foreign bodies, procedure delay, embolization/thrombosis, impaired catheter function, loss of vessel for future vascular access.

HIGH FDA

GE Medical Systems, LLC — Centricity Universal Viewer Software Versions 7.0 through 7.0 Sp2.0.1, a device that displays medica

GE Medical Systems, LLC Centricity Universal Viewer Software Versions 7.0 through 7.0 Sp2.0.1, a device that displays medical images (including mammograms) and data from various imaging sources, Model Numbers 5826659-027, 58

There is a potential cybersecurity vulnerability affecting certain versions of Centricity Universal Viewer. User login credentials may be exposed on the local client workstation, which could allow an unauthorized individual to potentially impact system availability and/or manipul…

HIGH FDA

GE Medical Systems, LLC — Centricity Universal Viewer Software Versions 6.0 through 6.0 Sp10.4.1, a device that displays medic

GE Medical Systems, LLC Centricity Universal Viewer Software Versions 6.0 through 6.0 Sp10.4.1, a device that displays medical images (including mammograms) and data from various imaging sources, Model Numbers 2088026-406, 2

There is a potential cybersecurity vulnerability affecting certain versions of Centricity Universal Viewer. User login credentials may be exposed on the local client workstation, which could allow an unauthorized individual to potentially impact system availability and/or manipul…

HIGH FDA

GE Medical Systems, LLC — Centricity Universal Viewer Software Versions 5.0 SP6 through UV 5.0 SP7.1, a device that displays m

GE Medical Systems, LLC Centricity Universal Viewer Software Versions 5.0 SP6 through UV 5.0 SP7.1, a device that displays medical images (including mammograms) and data from various imaging sources, Model Numbers 2088026-02

There is a potential cybersecurity vulnerability affecting certain versions of Centricity Universal Viewer. User login credentials may be exposed on the local client workstation, which could allow an unauthorized individual to potentially impact system availability and/or manipul…

HIGH NVD CVSS 8.8

CVE-2025-67645 — Electronic Health Record Vulnerability

electronic health record

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 7.0.4 have a broken access control in the Profile Edit endpoint. An authenticated normal user can modify the request parameters (pubpid / pid) to reference a…

HIGH FDA

Auris Health, Inc — MONARCH Platform, Bronchoscopy, Catalog Numbers: MON-000005-01 , MON-000005-01R , MON-000006 , MON-0

Auris Health, Inc MONARCH Platform, Bronchoscopy, Catalog Numbers: MON-000005-01 , MON-000005-01R , MON-000006 , MON-000006-RFB, MON-000008 with software

Device for bronchoscopic visualization, patient airway access has software issue: if application restarts after patient-side selection, prior to bronchoscope loading, application will re-initialize to patient-left position; and if right position was previously selected, this may …

HIGH FDA

Intuitive Surgical, Inc. — da Vinci 5 Surgeon Console Viewer Display, ASSY, DV5 CONSOLE, IS5000, Part Number: 380730-45

Intuitive Surgical, Inc. da Vinci 5 Surgeon Console Viewer Display, ASSY, DV5 CONSOLE, IS5000, Part Number: 380730-45

Robotic-assisted surgical system has Viewer Display manufactured with outdated firmware, may result in loss of one display-loss of 3D surgical field (depth perception) but 2D maintained, or loss of both displays-complete visualization loss, without fault, instruments remain activ…

HIGH FDA

WHILL, INC. 2 Chome 1-11 Higashishinagawa Shinagawa Japan — WHILL Model F, with software versions before HMI: 2.23 / MC: 1.05; the device is an indoor/outdoor,

WHILL, INC. 2 Chome 1-11 Higashishinagawa Shinagawa Japan WHILL Model F, with software versions before HMI: 2.23 / MC: 1.05; the device is an indoor/outdoor, foldable battery-operated 2-wheel drive (rear-wheel drive) powered wheelchair.

Cyber vulnerability of BLE communication was found by CISA VDP program.

HIGH FDA

Securitas Healthcare LLC — Arial 900 MHz Call Station, Model Number CSK200-900, with Firmware version: 1.6.3

Securitas Healthcare LLC Arial 900 MHz Call Station, Model Number CSK200-900, with Firmware version: 1.6.3

Securitas Healthcare has become aware of a firmware issue in the Call Stations in the Affected Lots that may cause Call Stations in the Affected Lots to (1) not transmit a low battery alert to the Arial Wireless Emergency Call System prior to battery failure, or (2) not transmit …

HIGH FDA

Securitas Healthcare LLC — Arial 900 MHz Call Station, Model Number CSK200-900MR, with Firmware version: 1.6.3

Securitas Healthcare LLC Arial 900 MHz Call Station, Model Number CSK200-900MR, with Firmware version: 1.6.3

Securitas Healthcare has become aware of a firmware issue in the Call Stations in the Affected Lots that may cause Call Stations in the Affected Lots to (1) not transmit a low battery alert to the Arial Wireless Emergency Call System prior to battery failure, or (2) not transmit …

HIGH FDA

CareFusion 303, Inc. — BD Pyxis MedStation ES, REF: 323, BD Pyxis MedStation ES 7 Drawer Auxiliary, REF: 324, BD Pyxis M

CareFusion 303, Inc. BD Pyxis MedStation ES, REF: 323, BD Pyxis MedStation ES 7 Drawer Auxiliary, REF: 324, BD Pyxis MedStation ES Tower, REF: 352, BD Pyxis Pro 7-Drawer Auxiliary, REF: 1149-00, BD Pyxis Pro 7- Drawe

Automated Dispensing Cabinets (ADC) received a Half Height CUBIE drawer firmware update, which caused a Cubie Insert event which prompts software to generate a duplicate address, which causes an error and the drawer to fail, which may lead to inability or delay in accessing store…

HIGH FDA

Beckman Coulter, Inc. — Access 2 Reaction Vessels, individual, disposable, plastic tubes used to process patient, quality co

Beckman Coulter, Inc. Access 2 Reaction Vessels, individual, disposable, plastic tubes used to process patient, quality control and calibration samples on the Access 2 Immunoassay system, Catalog Number 81901

It has been determined that certain lots of Access 2 Reaction Vessels may contain manufacturing deformities. The bottom (round end) of the Reaction Vessel may have a small protrusion or hair like deformity. This could cause causing instrument errors (e.g., pipetting, rake, wash c…

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Fetal Monitor Model/Catalog Number: F2, F3 Product Description: The d

Edan Diagnostics Brand Name: EDAN Product Name: Fetal Monitor Model/Catalog Number: F2, F3 Product Description: The devices are bedside fetal and maternal monitors, which are used to monitor the physiological paramete

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Fetal & Maternal Monitor Model/Catalog Number: F6, F9, F6 Express, F9

Edan Diagnostics Brand Name: EDAN Product Name: Fetal & Maternal Monitor Model/Catalog Number: F6, F9, F6 Express, F9 Express Product Description: The devices are bedside fetal and maternal monitors, which are used to

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3 Product Description: The

Edan Diagnostics Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3 Product Description: The Vital Signs Monitor is a portable device intended for use by health care professionals. The monitor

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: iM3 Product Description: Th

Edan Diagnostics Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: iM3 Product Description: The iM3 has three work modes, Monitor, Spot and Round, to measure physiological parameters, including

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: iM3s, iM3As, iM3Bs, iHM3s P

Edan Diagnostics Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: iM3s, iM3As, iM3Bs, iHM3s Product Description: The iM3s series vital signs monitors including iM3s/iM3As/iM3Bs/iHM3s are intend

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Central Monitoring System Model/Catalog Number: MFM-CMS Product Descr

Edan Diagnostics Brand Name: EDAN Product Name: Central Monitoring System Model/Catalog Number: MFM-CMS Product Description: MFM-CMS is a central monitoring system product, which can connect and manage information fro

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Central Monitoring System Model/Catalog Number: MFM-CNS, MFM-CNS Lite

Edan Diagnostics Brand Name: EDAN Product Name: Central Monitoring System Model/Catalog Number: MFM-CNS, MFM-CNS Lite Product Description: The MFM-CNS and MFM-CNS Lite are clinical data managing software applications.

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3A Product Description: Th

Edan Diagnostics Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3A Product Description: The Vital Signs Monitor is a portable device intended for use by health care professionals. The monito

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Telemetry Transmitter Model/Catalog Number: iT20 Product Description:

Edan Diagnostics Brand Name: EDAN Product Name: Telemetry Transmitter Model/Catalog Number: iT20 Product Description: iT20 collects physiological parameters by ECG cables and SpO2 sensors, then achieves data analyzing

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Fetal Monitor Model/Catalog Number: F2, F3 Product Description: Th

Edan Diagnostics Brand Name: EDAN Product Name: Fetal Monitor Model/Catalog Number: F2, F3 Product Description: The devices are bedside fetal and maternal monitors, which are used to monitor the physiological param

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Fetal & Maternal Monitor Model/Catalog Number: F6, F9, F6 Express,

Edan Diagnostics Brand Name: EDAN Product Name: Fetal & Maternal Monitor Model/Catalog Number: F6, F9, F6 Express, F9 Express Product Description: The devices are bedside fetal and maternal monitors, which are used

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3 Product Description:

Edan Diagnostics Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3 Product Description: The Vital Signs Monitor is a portable device intended for use by health care professionals. The moni

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: iM3 Product Description:

Edan Diagnostics Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: iM3 Product Description: The iM3 has three work modes, Monitor, Spot and Round, to measure physiological parameters, includi

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: iM3s, iM3As, iM3Bs, iHM3s

Edan Diagnostics Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: iM3s, iM3As, iM3Bs, iHM3s Product Description: The iM3s series vital signs monitors including iM3s/iM3As/iM3Bs/iHM3s are int

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Central Monitoring System Model/Catalog Number: MFM-CMS Product De

Edan Diagnostics Brand Name: EDAN Product Name: Central Monitoring System Model/Catalog Number: MFM-CMS Product Description: MFM-CMS is a central monitoring system product, which can connect and manage information

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Central Monitoring System Model/Catalog Number: MFM-CNS, MFM-CNS Li

Edan Diagnostics Brand Name: EDAN Product Name: Central Monitoring System Model/Catalog Number: MFM-CNS, MFM-CNS Lite Product Description: The MFM-CNS and MFM-CNS Lite are clinical data managing software applicatio

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3A Product Description:

Edan Diagnostics Brand Name: EDAN Product Name: Vital Signs Monitor Model/Catalog Number: M3A Product Description: The Vital Signs Monitor is a portable device intended for use by health care professionals. The mon

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Edan Diagnostics — Brand Name: EDAN Product Name: Telemetry Transmitter Model/Catalog Number: iT20 Product Descripti

Edan Diagnostics Brand Name: EDAN Product Name: Telemetry Transmitter Model/Catalog Number: iT20 Product Description: iT20 collects physiological parameters by ECG cables and SpO2 sensors, then achieves data analyz

As a result of receiving an FDA It Has Come to Our Attention Letter (IHCTOA Letter) regarding potential cybersecurity issues with various of the firm device.

HIGH FDA

Becton Dickinson & Co. — BD EpiCenter Microbiology Data Management System, labeled as the following: 1. Computer System Epic

Becton Dickinson & Co. BD EpiCenter Microbiology Data Management System, labeled as the following: 1. Computer System Epicenter F/G, Catalog Number: 441002. 2. COMPUTER OPTIPLEX EPICENTER SPARE, Catalog Number: 441421. 3

Product service credentials used by some BD technical support teams to access certain BD products were accessed by an unauthorized actor. Until these product service credentials are updated, there is a risk of unauthorized access that may impact the confidentiality, integrity and…

HIGH FDA

Becton Dickinson & Co. — BD BACTEC Blood Culture System, labeled as the following: 1. BD BACTEC FX, Instrument Top, Packaged

Becton Dickinson & Co. BD BACTEC Blood Culture System, labeled as the following: 1. BD BACTEC FX, Instrument Top, Packaged, Catalog Number: 44138509. 2. Instrument Top Remanufactured Bactec Fx, Catalog Number: 441676. 3

Product service credentials used by some BD technical support teams to access certain BD products were accessed by an unauthorized actor. Until these product service credentials are updated, there is a risk of unauthorized access that may impact the confidentiality, integrity and…

HIGH FDA

Becton Dickinson & Co. — BD BACTEC Blood Culture System, labeled as the following: 1. BACTEC 9120 System, Catalog Numbers: 4

Becton Dickinson & Co. BD BACTEC Blood Culture System, labeled as the following: 1. BACTEC 9120 System, Catalog Numbers: 445570, 445702. 2. INSTRUMENT BACTEC 9120 UNREPAIRED, Catalog Number: 44557008.

Product service credentials used by some BD technical support teams to access certain BD products were accessed by an unauthorized actor. Until these product service credentials are updated, there is a risk of unauthorized access that may impact the confidentiality, integrity and…

HIGH FDA

Becton Dickinson & Co. — BD MAX System, for in vitro diagnostic (IVD) use, labeled as the following: 1. BD MAX System, BD MA

Becton Dickinson & Co. BD MAX System, for in vitro diagnostic (IVD) use, labeled as the following: 1. BD MAX System, BD MAX Instrument, Catalog Numbers: 44191609, 441927.

Product service credentials used by some BD technical support teams to access certain BD products were accessed by an unauthorized actor. Until these product service credentials are updated, there is a risk of unauthorized access that may impact the confidentiality, integrity and…

HIGH FDA

Becton Dickinson & Co. — BD Phoenix M50 Instrument, labeled as the following: 1. BD Phoenix M50 Automated Microbiology Syste

Becton Dickinson & Co. BD Phoenix M50 Instrument, labeled as the following: 1. BD Phoenix M50 Automated Microbiology System, Catalog Numbers: 443624, 44362409.

Product service credentials used by some BD technical support teams to access certain BD products were accessed by an unauthorized actor. Until these product service credentials are updated, there is a risk of unauthorized access that may impact the confidentiality, integrity and…

HIGH FDA

Becton Dickinson & Co. — BD Veritor Connect Software, labeled as the following: 1. Veritor (NUC), Catalog Number: 444881. Tr

Becton Dickinson & Co. BD Veritor Connect Software, labeled as the following: 1. Veritor (NUC), Catalog Number: 444881. Transfers in vitro diagnostic results data on the BD Veritor Plus Analyzer to BD Synapsys.

Product service credentials used by some BD technical support teams to access certain BD products were accessed by an unauthorized actor. Until these product service credentials are updated, there is a risk of unauthorized access that may impact the confidentiality, integrity and…

HIGH FDA

Beta Bionics, Inc. — iLet Bionic Pancreas, REF: BB1001

Beta Bionics, Inc. iLet Bionic Pancreas, REF: BB1001

The reason for the recall is: it was found in version 3.3.6 of the iLet ACE Pump firmware and all previous releases that a screen unlock failure could occur when the user successfully slides the unlock slider on the Lock Screen, no screen transition occurs, and the user remains …

HIGH FDA

Beckman Coulter, Inc. — DxC 500i Clinical Analyzer Modules, DxC 500 AU Module w/ISE, DxC 500i (Part Number C63522), DxC 500

Beckman Coulter, Inc. DxC 500i Clinical Analyzer Modules, DxC 500 AU Module w/ISE, DxC 500i (Part Number C63522), DxC 500 AU Module, DxC 500i (Part Number C63521), and Access 2 Module, DxC 500i (Part Number C13252)

Beckman Coulter has confirmed a software anomaly on DxI 9000 Access Immunoassay Analyzer and the DxC 500i Clinical Analyzer that may prevent correct application of user-specified manual dilution factors when ordering additional tests for samples already "In Progress" using the sa…

HIGH FDA

Noah Medical Corporation — Brand Name: Galaxy System Product Name: Galaxy System Model/Catalog Number: GAL-001 Product Descript

Noah Medical Corporation Brand Name: Galaxy System Product Name: Galaxy System Model/Catalog Number: GAL-001 Product Description: The Galaxy SystemTM and its accessories are intended to provide bronchoscopic visualization of

Due to Users not having access to the Instructions for Use/User Manual due to it being password protected.

HIGH FDA

W L Gore & Associates, Inc. — GORE ACUSEAL Vascular Graft, REF: ECH050020J, ECH050020W, ECH050050J, ECH050050W, ECH060010A, ECH060

W L Gore & Associates, Inc. GORE ACUSEAL Vascular Graft, REF: ECH050020J, ECH050020W, ECH050050J, ECH050050W, ECH060010A, ECH060020A, ECH060020J, ECH060020W, ECH060040, ECH060040A, ECH060040W, ECH060050A, ECH060050J, ECH460045A,

Reports of vascular graft delamination, which may lead to reduced access flow; cannulation difficulties; bleeding or bruising; and harms related to reintervention procedures, so Instructions for Use will be updated to modify existing warning to 1) further clarify techniques that …

HIGH FDA

Boston Scientific Corporation — WATCHMAN TruSeal Access System SGL, OUS, Material Number (UPN) M635TS70010; intended to provide vasc

Boston Scientific Corporation WATCHMAN TruSeal Access System SGL, OUS, Material Number (UPN) M635TS70010; intended to provide vascular and transseptal access for all WATCHMAN Left Atrial Appendage Closure Devices with Delivery Sys

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Boston Scientific Corporation — WATCHMAN TruSeal Access System DBL, OUS, Material Number (UPN) M635TS70020; intended to provide vasc

Boston Scientific Corporation WATCHMAN TruSeal Access System DBL, OUS, Material Number (UPN) M635TS70020; intended to provide vascular and transseptal access for all WATCHMAN Left Atrial Appendage Closure Devices with Delivery Sys

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Boston Scientific Corporation — WATCHMAN TruSeal Access System ANT, OUS, Material Number (UPN) M635TS70040; intended to provide vasc

Boston Scientific Corporation WATCHMAN TruSeal Access System ANT, OUS, Material Number (UPN) M635TS70040; intended to provide vascular and transseptal access for all WATCHMAN Left Atrial Appendage Closure Devices with Delivery Sys

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Boston Scientific Corporation — WATCHMAN FXD Curve Access Sys Sgl, OUS, Material Number (UPN) M635TS80010; intended to provide vascu

Boston Scientific Corporation WATCHMAN FXD Curve Access Sys Sgl, OUS, Material Number (UPN) M635TS80010; intended to provide vascular and transseptal access for the family of WATCHMAN FLX LAAC Devices with Delivery Systems.

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Boston Scientific Corporation — WATCHMAN FXD Curve Access Sys Dbl, OUS, Material Number (UPN) M635TS80020; intended to provide vascu

Boston Scientific Corporation WATCHMAN FXD Curve Access Sys Dbl, OUS, Material Number (UPN) M635TS80020; intended to provide vascular and transseptal access for the family of WATCHMAN FLX LAAC Devices with Delivery Systems.

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Boston Scientific Corporation — WATCHMAN TruSeal Access System SGL, US, Material Number (UPN) M635TU70010; intended to provide vascu

Boston Scientific Corporation WATCHMAN TruSeal Access System SGL, US, Material Number (UPN) M635TU70010; intended to provide vascular and transseptal access for all WATCHMAN Left Atrial Appendage Closure Devices with Delivery Syst

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Boston Scientific Corporation — WATCHMAN TruSeal Access System DBL, US, Material Number (UPN) M635TU70020; intended to provide vascu

Boston Scientific Corporation WATCHMAN TruSeal Access System DBL, US, Material Number (UPN) M635TU70020; intended to provide vascular and transseptal access for all WATCHMAN Left Atrial Appendage Closure Devices with Delivery Syst

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Boston Scientific Corporation — WATCHMAN TruSeal Access System ANT, US, Material Number (UPN) M635TU70040; intended to provide vascu

Boston Scientific Corporation WATCHMAN TruSeal Access System ANT, US, Material Number (UPN) M635TU70040; intended to provide vascular and transseptal access for all WATCHMAN Left Atrial Appendage Closure Devices with Delivery Syst

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Boston Scientific Corporation — WATCHMAN FXD Curve Access System Sgl, US, Material Number (UPN) M635TU80010; intended to provide vas

Boston Scientific Corporation WATCHMAN FXD Curve Access System Sgl, US, Material Number (UPN) M635TU80010; intended to provide vascular and transseptal access for the family of WATCHMAN FLX LAAC Devices with Delivery Systems.

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Boston Scientific Corporation — WATCHMAN FXD Curve Access System Dbl, US, Material Number (UPN) M635TU80020; intended to provide vas

Boston Scientific Corporation WATCHMAN FXD Curve Access System Dbl, US, Material Number (UPN) M635TU80020; intended to provide vascular and transseptal access for the family of WATCHMAN FLX LAAC Devices with Delivery Systems.

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Boston Scientific Corporation — WATCHMAN TruSteer Access System, US, Material Number (UPN) M635TU90050;intended to provide vascular

Boston Scientific Corporation WATCHMAN TruSteer Access System, US, Material Number (UPN) M635TU90050;intended to provide vascular and transseptal access for the family of WATCHMAN FLX LAAC Devices with Delivery Systems.

Boston Scientific has identified a higher likelihood of air embolism events when procedures are performed without positive pressure-controlled ventilation. According to published literature and clinical data, in percutaneous procedures requiring transseptal access to the left atr…

HIGH FDA

Dexcom, Inc. — Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM Android App M

Dexcom, Inc. Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM Android App Model/Catalog Number: SW12299 Software Version: version 2.8.0 and earlier Product Description: Dexcom

The affected devices are the Dexcom G7 Continuous Glucose Monitoring System (CGM System) using iOS, watchOS and Android App software (versions 2.8.0 or earlier) and Dexcom ONE+ CGM System using iOS and Android App software (versions 1.4.0 or earlier), henceforth referred to as th…

HIGH FDA

Dexcom, Inc. — Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM iOS App Model

Dexcom, Inc. Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM iOS App Model/Catalog Number: SW12300 Software Version: version 2.8.0 and earlier Product Description: Dexcom G7

The affected devices are the Dexcom G7 Continuous Glucose Monitoring System (CGM System) using iOS, watchOS and Android App software (versions 2.8.0 or earlier) and Dexcom ONE+ CGM System using iOS and Android App software (versions 1.4.0 or earlier), henceforth referred to as th…

HIGH FDA

Dexcom, Inc. — Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM watchOS App M

Dexcom, Inc. Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM watchOS App Model/Catalog Number: SW13355 Software Version: versions 2.8.0 and earlier Product Description: Dexco

The affected devices are the Dexcom G7 Continuous Glucose Monitoring System (CGM System) using iOS, watchOS and Android App software (versions 2.8.0 or earlier) and Dexcom ONE+ CGM System using iOS and Android App software (versions 1.4.0 or earlier), henceforth referred to as th…

HIGH FDA

Dexcom, Inc. — Brand Name: Dexcom ONE+ Continuous Glucose Monitoring System Product Name: Dexcom ONE+ Android CGM A

Dexcom, Inc. Brand Name: Dexcom ONE+ Continuous Glucose Monitoring System Product Name: Dexcom ONE+ Android CGM App Model/Catalog Number: SW14245 Software Version: versions 1.4.0 and earlier Product Description: D

The affected devices are the Dexcom G7 Continuous Glucose Monitoring System (CGM System) using iOS, watchOS and Android App software (versions 2.8.0 or earlier) and Dexcom ONE+ CGM System using iOS and Android App software (versions 1.4.0 or earlier), henceforth referred to as th…

HIGH FDA

Dexcom, Inc. — Brand Name: Dexcom ONE+ Continuous Glucose Monitoring System Product Name: Dexcom ONE+ iOS CGM App M

Dexcom, Inc. Brand Name: Dexcom ONE+ Continuous Glucose Monitoring System Product Name: Dexcom ONE+ iOS CGM App Model/Catalog Number: SW14244 Software Version: versions 1.4.0 and earlier Product Description: Dexco

The affected devices are the Dexcom G7 Continuous Glucose Monitoring System (CGM System) using iOS, watchOS and Android App software (versions 2.8.0 or earlier) and Dexcom ONE+ CGM System using iOS and Android App software (versions 1.4.0 or earlier), henceforth referred to as th…

HIGH FDA

Dexcom, Inc. — Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM Android App

Dexcom, Inc. Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM Android App Model/Catalog Number: SW12299 Software Version: version 2.8.0 and earlier Product Description: De

The affected devices are the Dexcom G7 Continuous Glucose Monitoring System (CGM System) using iOS, watchOS and Android App software (versions 2.8.0 or earlier) and Dexcom ONE+ CGM System using iOS and Android App software (versions 1.4.0 or earlier), henceforth referred to as th…

HIGH FDA

Dexcom, Inc. — Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM iOS App Mod

Dexcom, Inc. Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM iOS App Model/Catalog Number: SW12300 Software Version: version 2.8.0 and earlier Product Description: Dexcom

The affected devices are the Dexcom G7 Continuous Glucose Monitoring System (CGM System) using iOS, watchOS and Android App software (versions 2.8.0 or earlier) and Dexcom ONE+ CGM System using iOS and Android App software (versions 1.4.0 or earlier), henceforth referred to as th…

HIGH FDA

Dexcom, Inc. — Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM watchOS App

Dexcom, Inc. Brand Name: Dexcom G7 Continuous Glucose Monitoring System Product Name: Dexcom G7 CGM watchOS App Model/Catalog Number: SW13355 Software Version: versions 2.8.0 and earlier Product Description: D

The affected devices are the Dexcom G7 Continuous Glucose Monitoring System (CGM System) using iOS, watchOS and Android App software (versions 2.8.0 or earlier) and Dexcom ONE+ CGM System using iOS and Android App software (versions 1.4.0 or earlier), henceforth referred to as th…

HIGH FDA

Dexcom, Inc. — Brand Name: Dexcom ONE+ Continuous Glucose Monitoring System Product Name: Dexcom ONE+ Android CGM

Dexcom, Inc. Brand Name: Dexcom ONE+ Continuous Glucose Monitoring System Product Name: Dexcom ONE+ Android CGM App Model/Catalog Number: SW14245 Software Version: versions 1.4.0 and earlier Product Descriptio

The affected devices are the Dexcom G7 Continuous Glucose Monitoring System (CGM System) using iOS, watchOS and Android App software (versions 2.8.0 or earlier) and Dexcom ONE+ CGM System using iOS and Android App software (versions 1.4.0 or earlier), henceforth referred to as th…

HIGH FDA

Dexcom, Inc. — Brand Name: Dexcom ONE+ Continuous Glucose Monitoring System Product Name: Dexcom ONE+ iOS CGM App

Dexcom, Inc. Brand Name: Dexcom ONE+ Continuous Glucose Monitoring System Product Name: Dexcom ONE+ iOS CGM App Model/Catalog Number: SW14244 Software Version: versions 1.4.0 and earlier Product Description: D

The affected devices are the Dexcom G7 Continuous Glucose Monitoring System (CGM System) using iOS, watchOS and Android App software (versions 2.8.0 or earlier) and Dexcom ONE+ CGM System using iOS and Android App software (versions 1.4.0 or earlier), henceforth referred to as th…

HIGH FDA

mo-Vis BVBA Biebuyckstraat 15D Nevele Belgium — Micro Joystick R-net. Electrical wheelchair component.

mo-Vis BVBA Biebuyckstraat 15D Nevele Belgium Micro Joystick R-net. Electrical wheelchair component.

Devices with firmware versions 2.3 and lower may experience timing variations between software tasks, which could result in skipping the necessary neutral check and the wheelchair producing unintended movement upon power-up when the joystick is out of neutral.

HIGH FDA

mo-Vis BVBA Biebuyckstraat 15D Nevele Belgium — Multi Joystick R-net. Electrical wheelchair component.

mo-Vis BVBA Biebuyckstraat 15D Nevele Belgium Multi Joystick R-net. Electrical wheelchair component.

Devices with firmware versions 2.3 and lower may experience timing variations between software tasks, which could result in skipping the necessary neutral check and the wheelchair producing unintended movement upon power-up when the joystick is out of neutral.

HIGH FDA

mo-Vis BVBA Biebuyckstraat 15D Nevele Belgium — All-round Joystick R-net Light. Electrical wheelchair component.

mo-Vis BVBA Biebuyckstraat 15D Nevele Belgium All-round Joystick R-net Light. Electrical wheelchair component.

Devices with firmware versions 2.3 and lower may experience timing variations between software tasks, which could result in skipping the necessary neutral check and the wheelchair producing unintended movement upon power-up when the joystick is out of neutral.

HIGH FDA

Beckman Coulter, Inc. — Access Thyroglobulin assay, a simultaneous one-step immunoenzymatic assay, Catalog Number 33860

Beckman Coulter, Inc. Access Thyroglobulin assay, a simultaneous one-step immunoenzymatic assay, Catalog Number 33860

Access Thyroglobulin reagent lot 439163 may generate erroneously high patient results. Falsely increased Access Thyroglobulin results may lead a physician to pursue unnecessary diagnostic imaging studies and/or inappropriate therapy adjustments in patients being monitored for res…

HIGH FDA

MEDLINE INDUSTRIES, LP Northfield — SwabFlush Prefilled Syringe with ICU Medical SwabCaps, 10mL Model no. EMZE010301

MEDLINE INDUSTRIES, LP Northfield SwabFlush Prefilled Syringe with ICU Medical SwabCaps, 10mL Model no. EMZE010301

SwabFlush syringes are affected by the ICU Medical recall of their SwabCap Disinfecting Cap due to a manufacturing issue which affects the seal between the foil lid and plastic container of the Swab Cap. The issue may result in a reduced level of disinfection of the luer access v…

HIGH FDA

MEDLINE INDUSTRIES, LP Northfield — SwabFlush Prefilled Syringe with ICU Medical SwabCaps, 10mL Model no. EMZE010301

MEDLINE INDUSTRIES, LP Northfield SwabFlush Prefilled Syringe with ICU Medical SwabCaps, 10mL Model no. EMZE010301

SwabFlush syringes are affected by the ICU Medical recall of their SwabCap Disinfecting Cap due to a manufacturing issue which affects the seal between the foil lid and plastic container of the Swab Cap. The issue may result in a reduced level of disinfection of the luer access v…

HIGH FDA

PHILIPS MEDICAL SYSTEMS NEDERLAND B.V. Veenpluis 4-6 Best Netherlands — Azurion R1.x and R2.x systems; Model Numbers: (1) 722063, (2) 722064, (3) 722067, (4) 722068, (5) 72

PHILIPS MEDICAL SYSTEMS NEDERLAND B.V. Veenpluis 4-6 Best Netherlands Azurion R1.x and R2.x systems; Model Numbers: (1) 722063, (2) 722064, (3) 722067, (4) 722068, (5) 722078, (6) 722079, (7) 722221, (8) 722222, (9) 722223, (10) 722224, (11) 722225, (12) 722226, (13) 72

A software issue was identified in the internal communication process between the system software and the X-ray generator firmware. Loss of imaging (X-ray) functionality caused by the software issue in either of the two situations identified could result in a delay of therapy. Th…

HIGH FDA

PHILIPS MEDICAL SYSTEMS NEDERLAND B.V. Veenpluis 4-6 Best Netherlands — Azurion R1.x and R2.x systems; Model Numbers: (1) 722063, (2) 722064, (3) 722067, (4) 722068, (5) 7

PHILIPS MEDICAL SYSTEMS NEDERLAND B.V. Veenpluis 4-6 Best Netherlands Azurion R1.x and R2.x systems; Model Numbers: (1) 722063, (2) 722064, (3) 722067, (4) 722068, (5) 722078, (6) 722079, (7) 722221, (8) 722222, (9) 722223, (10) 722224, (11) 722225, (12) 722226, (13) 7

A software issue was identified in the internal communication process between the system software and the X-ray generator firmware. Loss of imaging (X-ray) functionality caused by the software issue in either of the two situations identified could result in a delay of therapy. T…

HIGH NVD CVSS 7.6

CVE-2025-32794 — Electronic Health Record Vulnerability

electronic health record

OpenEMR is a free and open source electronic health records and medical practice management application. A stored cross-site scripting (XSS) vulnerability in versions prior to 7.0.3.4 allows any authenticated user with patient creation privileges to inject arbitrary JavaScript co…

Get Alerted

Receive email notifications when new medical device cybersecurity alerts are published.